" Computer Network Security "

The book gives an extensive overview of network security and the necessary cryptography. It covers standards and protocols in great detail, and can serve as a handy reference for people interested in this area. Due to the many exercises, it can also serve as one of the textbooks of an introductory course on network security. 1 What the book is about The book is intended as a textbook for a one-semester introductory course on network security, but also as a reference for IT professionals. It is divided into nine chapters, each containing also a set of exercises. The first chapter gives an overview of network security topics. After a few definitions, it presents common attacks and defense mechanisms. It gives a colorful mix of what the author considers to be the most common attacks, chosen from the whole spectrum of cryptography and computer and network security. Then the author introduces attacker types such as “script kiddies” and “cyber spies”, and rounds the chapter off with a basic security model that combines cryptosystems, firewalls, anti-virus programs, and intrusion detection systems into one picture. The second chapter is called “data encryption algorithms”, and deals with symmetric ciphers. The author gives an extensive and detailed description of the DES and AES algorithms. The treatment of block cipher modes of operation, the RC4 stream cipher, and key generation is comparatively short. At the end of the chapter, he also presents some simple attacks. The third chapter is titled “public-key cryptography and key management”, and describes mainly public-key encryption schemes and key exchange protocols. It starts with an overview of basic concepts, contains an introduction to some techniques in number theory that are fundamental for public-key crypto. The rest of the chapter describes RSA, and the ElGamal cryptosystem and Diffie-Hellman key exchange both in multiplicative groups and over elliptic curves. The chapter is rounded off with a short description of a certificate infrastructure. The fourth chapter is about data authentication. It covers the cryptographic hash functions SHA-512 and Whirlpool, checksums, the HMAC authentication, the offset codebook mode of operation for block ciphers, and the digital signature standard DSS. It closes with some more advanced material describing dual signatures and blind signatures.